API: Remove $sid argument of Session::start()

NEW: Pass HTTPRequest to session
NEW: Pass HTTPRequest optionally to Director statics

The session handler now expects to operate on a specific
HTTPRequest object.
Sam Minnee 2017-06-25 14:13:36 +12:00 committed by Damian Mooyman
parent ccc86306b6
commit e92c63c545
4 changed files with 25 additions and 24 deletions


@ -509,7 +509,7 @@ class Director implements TemplateGlobalProvider
* *
* @return string * @return string
*/ */
public static function host() public static function host(HTTPRequest $request = null)
{ {
// Check if overridden by alternate_base_url // Check if overridden by alternate_base_url
if ($baseURL = self::config()->get('alternate_base_url')) { if ($baseURL = self::config()->get('alternate_base_url')) {
@ -520,7 +520,9 @@ class Director implements TemplateGlobalProvider
} }
} }
$request = Injector::inst()->get(HTTPRequest::class); if (!$request) {
$request = Injector::inst()->get(HTTPRequest::class, true, ['GET', '/']);
}
if ($request && $host = $request->getHeader('Host')) { if ($request && $host = $request->getHeader('Host')) {
return $host; return $host;
} }
@ -549,9 +551,9 @@ class Director implements TemplateGlobalProvider
* *
* @return bool|string * @return bool|string
*/ */
public static function protocolAndHost() public static function protocolAndHost(HTTPRequest $request = null)
{ {
return static::protocol() . static::host(); return static::protocol($request) . static::host($request);
} }
/** /**
@ -559,9 +561,9 @@ class Director implements TemplateGlobalProvider
* *
* @return string * @return string
*/ */
public static function protocol() public static function protocol(HTTPRequest $request = null)
{ {
return (self::is_https()) ? 'https://' : 'http://'; return (self::is_https($request)) ? 'https://' : 'http://';
} }
/** /**
@ -569,7 +571,7 @@ class Director implements TemplateGlobalProvider
* *
* @return bool * @return bool
*/ */
public static function is_https() public static function is_https(HTTPRequest $request = null)
{ {
// Check override from alternate_base_url // Check override from alternate_base_url
if ($baseURL = self::config()->uninherited('alternate_base_url')) { if ($baseURL = self::config()->uninherited('alternate_base_url')) {
@ -581,7 +583,9 @@ class Director implements TemplateGlobalProvider
} }
// Check the current request // Check the current request
$request = Injector::inst()->get(HTTPRequest::class); if (!$request) {
$request = Injector::inst()->get(HTTPRequest::class, true, ['GET', '/']);
}
if ($request && $host = $request->getHeader('Host')) { if ($request && $host = $request->getHeader('Host')) {
return $request->getScheme() === 'https'; return $request->getScheme() === 'https';
} }
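Review bot: The fallback added in `host()` and repeated in `is_https()` replaces a missing request with a synthetic one, `Injector::inst()->get(HTTPRequest::class, true, ['GET', '/'])`, which carries none of the real request's headers. Because the second argument asks for the shared instance, that placeholder is presumably registered and returned to later callers as if it were the live request; the Injector code is not shown here, so this needs confirming. `Session::start()` in this commit feeds `is_https($request)` into the cookie `secure` flag, so it matters which request answers that question. I would leave `$request` null when neither the caller nor the Injector has a real one, so the existing `if ($request && ...)` guard falls through, and add `@param HTTPRequest|null $request` to the four docblocks, which still list only `@return`. Both functions continue past the end of their hunks.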


@ -172,10 +172,10 @@ class Session
/** /**
* Init this session instance before usage * Init this session instance before usage
*/ */
public function init() public function init(HTTPRequest $request)
{ {
if (!$this->isStarted()) { if (!$this->isStarted()) {
$this->start(); $this->start($request);
} }
// Funny business detected! // Funny business detected!
@ -183,7 +183,7 @@ class Session
if ($this->data['HTTP_USER_AGENT'] !== $this->userAgent()) { if ($this->data['HTTP_USER_AGENT'] !== $this->userAgent()) {
$this->clearAll(); $this->clearAll();
$this->destroy(); $this->destroy();
$this->start(); $this->start($request);
} }
} }
} }
@ -191,10 +191,10 @@ class Session
/** /**
* Destroy existing session and restart * Destroy existing session and restart
*/ */
public function restart() public function restart(HTTPRequest $request)
{ {
$this->destroy(); $this->destroy();
$this->init(); $this->init($request);
} }
/** /**
@ -210,9 +210,9 @@ class Session
/** /**
* Begin session * Begin session
* *
* @param string $sid * @param $request The request for which to start a session
*/ */
public function start($sid = null) public function start(HTTPRequest $request)
{ {
if ($this->isStarted()) { if ($this->isStarted()) {
throw new BadMethodCallException("Session has already started"); throw new BadMethodCallException("Session has already started");
@ -223,7 +223,7 @@ class Session
$path = Director::baseURL(); $path = Director::baseURL();
} }
$domain = $this->config()->get('cookie_domain'); $domain = $this->config()->get('cookie_domain');
$secure = Director::is_https() && $this->config()->get('cookie_secure'); $secure = Director::is_https($request) && $this->config()->get('cookie_secure');
$session_path = $this->config()->get('session_store_path'); $session_path = $this->config()->get('session_store_path');
$timeout = $this->config()->get('timeout'); $timeout = $this->config()->get('timeout');
@ -255,9 +255,6 @@ class Session
session_name('SECSESSID'); session_name('SECSESSID');
} }
if ($sid) {
session_id($sid);
}
session_start(); session_start();
$this->data = isset($_SESSION) ? $_SESSION : array(); $this->data = isset($_SESSION) ? $_SESSION : array();
@ -480,13 +477,13 @@ class Session
* Save data to session * Save data to session
* Only save the changes, so that anyone manipulating $_SESSION directly doesn't get burned. * Only save the changes, so that anyone manipulating $_SESSION directly doesn't get burned.
*/ */
public function save() public function save(HTTPRequest $request)
{ {
if ($this->changedData) { if ($this->changedData) {
$this->finalize(); $this->finalize();
if (!$this->isStarted()) { if (!$this->isStarted()) {
$this->start(); $this->start($request);
} }
$this->recursivelyApply($this->changedData, $_SESSION); $this->recursivelyApply($this->changedData, $_SESSION);
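Review bot: The hijack check in `init()` still compares `$this->data['HTTP_USER_AGENT']` with `$this->userAgent()`, which is called without the `$request` that the rest of this section now threads through. `userAgent()` is outside the hunks, but unless it already reads the request it presumably takes the value from a global, so the check that decides whether to wipe the session and the `secure` decision in `start()` can be evaluated against different requests. I would pass the request there too, `if ($this->data['HTTP_USER_AGENT'] !== $this->userAgent($request)) {`, with `userAgent()` reading the header from it. Separately, `init()`, `restart()` and `save()` gained a required parameter without a `@param` line, and the new tag in `start()` lacks the type: `@param HTTPRequest $request The request for which to start a session`. `start()` and `save()` continue beyond their hunks.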


@ -12,7 +12,7 @@ class SessionMiddleware implements HTTPMiddleware
{ {
try { try {
// Start session and execute // Start session and execute
$request->getSession()->init(); $request->getSession()->init($request);
// Generate output // Generate output
$response = $delegate($request); $response = $delegate($request);
@ -20,7 +20,7 @@ class SessionMiddleware implements HTTPMiddleware
// Save session data, even if there was an exception. // Save session data, even if there was an exception.
// Note that save() will start/resume the session if required. // Note that save() will start/resume the session if required.
} finally { } finally {
$request->getSession()->save(); $request->getSession()->save($request);
} }
return $response; return $response;


@ -84,7 +84,7 @@ class ErrorControlChainMiddleware implements HTTPMiddleware
$this->getApplication()->getKernel()->boot(false); $this->getApplication()->getKernel()->boot(false);
// Ensure session is started // Ensure session is started
$request->getSession()->init(); $request->getSession()->init($request);
// Next, check if we're in dev mode, or the database doesn't have any security data, or we are admin // Next, check if we're in dev mode, or the database doesn't have any security data, or we are admin
if (Director::isDev() || !Security::database_is_ready() || Permission::check('ADMIN')) { if (Director::isDev() || !Security::database_is_ready() || Permission::check('ADMIN')) {